Skip to content

Add server.request.body.filenames AppSec address for Akka HTTP#11173

Open
jandro996 wants to merge 2 commits intomasterfrom
alejandro.gonzalez/APPSEC-61873-6-akka
Open

Add server.request.body.filenames AppSec address for Akka HTTP#11173
jandro996 wants to merge 2 commits intomasterfrom
alejandro.gonzalez/APPSEC-61873-6-akka

Conversation

@jandro996
Copy link
Copy Markdown
Member

@jandro996 jandro996 commented Apr 21, 2026
edited
Loading

What Does This Do

Akka HTTP 10.0 / 10.6

  • UnmarshallerHelpers.handleMultipartStrictFormData(): extracts filenames from Multipart.FormData.BodyPart.Strict via getFilename() and fires the requestFilesFilenames IG callback. Both requestBodyProcessed and requestFilesFilenames are fetched upfront; the early return only triggers when both are null. Blocking is supported via AkkaBlockResponseFunction.setUnmarshallBlock(true).
  • UnmarshallerHelpers.handleStrictFormData(): adds the same filename extraction for the formFieldMultiMap path, which goes through StrictFormCompanionInstrumentation and was not previously reaching handleMultipartStrictFormData.

Spring Boot

  • testBodyFilenames() enabled in SpringBootBasedTest (Spring Boot defaults to Tomcat, whose ParsePartsInstrumentation already fires requestFilesFilenames).

Motivation

Implements the server.request.body.filenames WAF address for Akka HTTP.

Jira ticket: APPSEC-61873

Additional Notes

requestBodyProcessed and requestFilesFilenames are registered as independent callbacks in GatewayBridge.DATA_DEPENDENCIES — a deployment with filename-only WAF rules will have requestBodyProcessed == null but requestFilesFilenames != null. Returning early when only one is null would silently skip filename detection in that case.

Contributor Checklist

Note: Once your PR is ready to merge, add it to the merge queue by commenting /merge. /merge -c cancels the queue request. /merge -f --reason "reason" skips all merge queue checks; please use this judiciously, as some checks do not run at the PR-level. For more information, see this doc.

@jandro996 jandro996 added type: enhancement Enhancements and improvements comp: asm waf Application Security Management (WAF) labels Apr 21, 2026
@jandro996
Copy link
Copy Markdown
Member Author

jandro996 commented Apr 21, 2026

@codex review

chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Apr 21, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 89592b09a8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread ...estFixtures/groovy/datadog/trace/instrumentation/play26/server/AbstractPlayServerTest.groovy Outdated
Comment thread ...ain/java/datadog/trace/instrumentation/jersey2/MultiPartReaderServerSideInstrumentation.java Outdated
@pr-commenter
Copy link
Copy Markdown

pr-commenter Bot commented Apr 21, 2026
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-61873-6-akka
git_commit_date 1776899365 1776938234
git_commit_sha 8569434 f3cd892
release_version 1.62.0-SNAPSHOT~8569434beb 1.62.0-SNAPSHOT~f3cd8924cc
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1776940098 1776940098
ci_job_id 1623229081 1623229081
ci_pipeline_id 109250045 109250045
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-y3iz53xb 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-y3iz53xb 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 62 metrics, 9 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.062 s) : 0, 1061876
Total [baseline] (11.008 s) : 0, 11007537
Agent [candidate] (1.059 s) : 0, 1058851
Total [candidate] (11.121 s) : 0, 11120917
section appsec
Agent [baseline] (1.261 s) : 0, 1260835
Total [baseline] (11.042 s) : 0, 11042060
Agent [candidate] (1.268 s) : 0, 1268089
Total [candidate] (11.059 s) : 0, 11059098
section iast
Agent [baseline] (1.232 s) : 0, 1231870
Total [baseline] (11.261 s) : 0, 11261084
Agent [candidate] (1.248 s) : 0, 1247654
Total [candidate] (11.37 s) : 0, 11369711
section profiling
Agent [baseline] (1.186 s) : 0, 1186464
Total [baseline] (11.12 s) : 0, 11119811
Agent [candidate] (1.189 s) : 0, 1188988
Total [candidate] (11.083 s) : 0, 11083410
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.062 s -
Agent appsec 1.261 s 198.958 ms (18.7%)
Agent iast 1.232 s 169.993 ms (16.0%)
Agent profiling 1.186 s 124.587 ms (11.7%)
Total tracing 11.008 s -
Total appsec 11.042 s 34.522 ms (0.3%)
Total iast 11.261 s 253.546 ms (2.3%)
Total profiling 11.12 s 112.274 ms (1.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.059 s -
Agent appsec 1.268 s 209.238 ms (19.8%)
Agent iast 1.248 s 188.803 ms (17.8%)
Agent profiling 1.189 s 130.137 ms (12.3%)
Total tracing 11.121 s -
Total appsec 11.059 s -61.819 ms (-0.6%)
Total iast 11.37 s 248.794 ms (2.2%)
Total profiling 11.083 s -37.507 ms (-0.3%) 
gantt
    title petclinic - break down per module: candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.218 ms) : 0, 1218
crashtracking [candidate] (1.218 ms) : 0, 1218
BytebuddyAgent [baseline] (632.71 ms) : 0, 632710
BytebuddyAgent [candidate] (632.713 ms) : 0, 632713
AgentMeter [baseline] (29.608 ms) : 0, 29608
AgentMeter [candidate] (29.547 ms) : 0, 29547
GlobalTracer [baseline] (249.452 ms) : 0, 249452
GlobalTracer [candidate] (249.689 ms) : 0, 249689
AppSec [baseline] (32.468 ms) : 0, 32468
AppSec [candidate] (32.464 ms) : 0, 32464
Debugger [baseline] (59.971 ms) : 0, 59971
Debugger [candidate] (59.996 ms) : 0, 59996
Remote Config [baseline] (605.357 µs) : 0, 605
Remote Config [candidate] (595.434 µs) : 0, 595
Telemetry [baseline] (8.049 ms) : 0, 8049
Telemetry [candidate] (8.035 ms) : 0, 8035
Flare Poller [baseline] (11.552 ms) : 0, 11552
Flare Poller [candidate] (8.435 ms) : 0, 8435
section appsec
crashtracking [baseline] (1.218 ms) : 0, 1218
crashtracking [candidate] (1.226 ms) : 0, 1226
BytebuddyAgent [baseline] (674.26 ms) : 0, 674260
BytebuddyAgent [candidate] (679.473 ms) : 0, 679473
AgentMeter [baseline] (12.155 ms) : 0, 12155
AgentMeter [candidate] (12.237 ms) : 0, 12237
GlobalTracer [baseline] (248.868 ms) : 0, 248868
GlobalTracer [candidate] (250.439 ms) : 0, 250439
AppSec [baseline] (185.216 ms) : 0, 185216
AppSec [candidate] (186.175 ms) : 0, 186175
Debugger [baseline] (66.669 ms) : 0, 66669
Debugger [candidate] (65.572 ms) : 0, 65572
Remote Config [baseline] (572.178 µs) : 0, 572
Remote Config [candidate] (564.156 µs) : 0, 564
Telemetry [baseline] (7.851 ms) : 0, 7851
Telemetry [candidate] (7.932 ms) : 0, 7932
Flare Poller [baseline] (3.42 ms) : 0, 3420
Flare Poller [candidate] (3.504 ms) : 0, 3504
IAST [baseline] (24.233 ms) : 0, 24233
IAST [candidate] (24.4 ms) : 0, 24400
section iast
crashtracking [baseline] (1.214 ms) : 0, 1214
crashtracking [candidate] (1.231 ms) : 0, 1231
BytebuddyAgent [baseline] (808.651 ms) : 0, 808651
BytebuddyAgent [candidate] (822.087 ms) : 0, 822087
AgentMeter [baseline] (11.432 ms) : 0, 11432
AgentMeter [candidate] (11.596 ms) : 0, 11596
GlobalTracer [baseline] (239.35 ms) : 0, 239350
GlobalTracer [candidate] (240.921 ms) : 0, 240921
AppSec [baseline] (28.68 ms) : 0, 28680
AppSec [candidate] (28.392 ms) : 0, 28392
Debugger [baseline] (66.546 ms) : 0, 66546
Debugger [candidate] (64.947 ms) : 0, 64947
Remote Config [baseline] (542.402 µs) : 0, 542
Remote Config [candidate] (597.765 µs) : 0, 598
Telemetry [baseline] (7.849 ms) : 0, 7849
Telemetry [candidate] (7.79 ms) : 0, 7790
Flare Poller [baseline] (3.434 ms) : 0, 3434
Flare Poller [candidate] (3.407 ms) : 0, 3407
IAST [baseline] (28.118 ms) : 0, 28118
IAST [candidate] (30.25 ms) : 0, 30250
section profiling
ProfilingAgent [baseline] (94.248 ms) : 0, 94248
ProfilingAgent [candidate] (93.974 ms) : 0, 93974
crashtracking [baseline] (1.186 ms) : 0, 1186
crashtracking [candidate] (1.189 ms) : 0, 1189
BytebuddyAgent [baseline] (691.905 ms) : 0, 691905
BytebuddyAgent [candidate] (693.43 ms) : 0, 693430
AgentMeter [baseline] (8.983 ms) : 0, 8983
AgentMeter [candidate] (9.017 ms) : 0, 9017
GlobalTracer [baseline] (208.383 ms) : 0, 208383
GlobalTracer [candidate] (209.055 ms) : 0, 209055
AppSec [baseline] (32.507 ms) : 0, 32507
AppSec [candidate] (32.861 ms) : 0, 32861
Debugger [baseline] (65.985 ms) : 0, 65985
Debugger [candidate] (65.877 ms) : 0, 65877
Remote Config [baseline] (574.347 µs) : 0, 574
Remote Config [candidate] (567.643 µs) : 0, 568
Telemetry [baseline] (7.844 ms) : 0, 7844
Telemetry [candidate] (7.821 ms) : 0, 7821
Flare Poller [baseline] (3.496 ms) : 0, 3496
Flare Poller [candidate] (3.512 ms) : 0, 3512
Profiling [baseline] (94.805 ms) : 0, 94805
Profiling [candidate] (94.544 ms) : 0, 94544
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.062 s) : 0, 1061752
Total [baseline] (8.844 s) : 0, 8844375
Agent [candidate] (1.061 s) : 0, 1060922
Total [candidate] (8.864 s) : 0, 8864303
section iast
Agent [baseline] (1.231 s) : 0, 1231395
Total [baseline] (9.538 s) : 0, 9537626
Agent [candidate] (1.232 s) : 0, 1231890
Total [candidate] (9.6 s) : 0, 9600375
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.062 s -
Agent iast 1.231 s 169.643 ms (16.0%)
Total tracing 8.844 s -
Total iast 9.538 s 693.251 ms (7.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.061 s -
Agent iast 1.232 s 170.968 ms (16.1%)
Total tracing 8.864 s -
Total iast 9.6 s 736.072 ms (8.3%) 
gantt
    title insecure-bank - break down per module: candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.249 ms) : 0, 1249
crashtracking [candidate] (1.225 ms) : 0, 1225
BytebuddyAgent [baseline] (636.981 ms) : 0, 636981
BytebuddyAgent [candidate] (634.031 ms) : 0, 634031
AgentMeter [baseline] (29.764 ms) : 0, 29764
AgentMeter [candidate] (29.561 ms) : 0, 29561
GlobalTracer [baseline] (248.9 ms) : 0, 248900
GlobalTracer [candidate] (249.139 ms) : 0, 249139
AppSec [baseline] (32.302 ms) : 0, 32302
AppSec [candidate] (32.483 ms) : 0, 32483
Debugger [baseline] (58.874 ms) : 0, 58874
Debugger [candidate] (58.973 ms) : 0, 58973
Remote Config [baseline] (595.642 µs) : 0, 596
Remote Config [candidate] (584.527 µs) : 0, 585
Telemetry [baseline] (7.948 ms) : 0, 7948
Telemetry [candidate] (8.033 ms) : 0, 8033
Flare Poller [baseline] (8.986 ms) : 0, 8986
Flare Poller [candidate] (10.577 ms) : 0, 10577
section iast
crashtracking [baseline] (1.244 ms) : 0, 1244
crashtracking [candidate] (1.219 ms) : 0, 1219
BytebuddyAgent [baseline] (809.018 ms) : 0, 809018
BytebuddyAgent [candidate] (810.695 ms) : 0, 810695
AgentMeter [baseline] (11.409 ms) : 0, 11409
AgentMeter [candidate] (11.391 ms) : 0, 11391
GlobalTracer [baseline] (239.158 ms) : 0, 239158
GlobalTracer [candidate] (238.481 ms) : 0, 238481
AppSec [baseline] (25.571 ms) : 0, 25571
AppSec [candidate] (27.56 ms) : 0, 27560
Debugger [baseline] (65.267 ms) : 0, 65267
Debugger [candidate] (65.745 ms) : 0, 65745
Remote Config [baseline] (535.388 µs) : 0, 535
Remote Config [candidate] (528.171 µs) : 0, 528
Telemetry [baseline] (7.735 ms) : 0, 7735
Telemetry [candidate] (7.806 ms) : 0, 7806
Flare Poller [baseline] (3.459 ms) : 0, 3459
Flare Poller [candidate] (3.403 ms) : 0, 3403
IAST [baseline] (31.837 ms) : 0, 31837
IAST [candidate] (28.251 ms) : 0, 28251
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-61873-6-akka
git_commit_date 1776899365 1776938234
git_commit_sha 8569434 f3cd892
release_version 1.62.0-SNAPSHOT~8569434beb 1.62.0-SNAPSHOT~f3cd8924cc
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1776940572 1776940572
ci_job_id 1623229082 1623229082
ci_pipeline_id 109250045 109250045
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-22okkfyg 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-22okkfyg 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 5 performance improvements and 2 performance regressions! Performance is the same for 14 metrics, 15 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:insecure-bank:profiling:high_load worse
[+121.011µs; +247.204µs] or [+7.142%; +14.589%]		 unstable
[+0.657ms; +1.616ms] or [+13.742%; +33.825%]		 unstable
[-557.618op/s; -97.132op/s] or [-25.424%; -4.429%]		 1.879ms 5.914ms 1865.906op/s 1.694ms 4.778ms 2193.281op/s
scenario:load:petclinic:tracing:high_load worse
[+0.692ms; +1.491ms] or [+4.028%; +8.671%]		 unsure
[+0.351ms; +1.845ms] or [+1.232%; +6.471%]		 unstable
[-38.056op/s; +13.306op/s] or [-14.448%; +5.051%]		 18.282ms 29.612ms 251.031op/s 17.191ms 28.513ms 263.406op/s
scenario:load:petclinic:no_agent:high_load better
[-2.883ms; -1.526ms] or [-15.412%; -8.157%]		 better
[-3.910ms; -1.021ms] or [-12.766%; -3.335%]		 unstable
[-0.562op/s; +54.249op/s] or [-0.229%; +22.123%]		 16.504ms 28.161ms 272.062op/s 18.708ms 30.627ms 245.219op/s
scenario:load:petclinic:code_origins:high_load better
[-1.625ms; -0.783ms] or [-8.739%; -4.208%]		 better
[-2.406ms; -0.920ms] or [-8.012%; -3.063%]		 unstable
[-10.574op/s; +41.012op/s] or [-4.274%; +16.575%]		 17.394ms 28.372ms 262.656op/s 18.598ms 30.035ms 247.438op/s
scenario:load:petclinic:appsec:high_load better
[-1.622ms; -0.714ms] or [-8.369%; -3.684%]		 unsure
[-1.829ms; -0.330ms] or [-5.911%; -1.067%]		 unstable
[-9.623op/s; +39.623op/s] or [-4.050%; +16.677%]		 18.213ms 29.871ms 252.594op/s 19.381ms 30.951ms 237.594op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb
    dateFormat X
    axisFormat %s
section baseline
no_agent (19.035 ms) : 18843, 19228
.   : milestone, 19035,
appsec (19.649 ms) : 19450, 19848
.   : milestone, 19649,
code_origins (18.858 ms) : 18668, 19048
.   : milestone, 18858,
iast (17.686 ms) : 17510, 17862
.   : milestone, 17686,
profiling (18.367 ms) : 18184, 18550
.   : milestone, 18367,
tracing (17.712 ms) : 17536, 17888
.   : milestone, 17712,
section candidate
no_agent (17.147 ms) : 16976, 17319
.   : milestone, 17147,
appsec (18.479 ms) : 18290, 18668
.   : milestone, 18479,
code_origins (17.762 ms) : 17589, 17935
.   : milestone, 17762,
iast (17.9 ms) : 17720, 18080
.   : milestone, 17900,
profiling (18.218 ms) : 18036, 18401
.   : milestone, 18218,
tracing (18.594 ms) : 18404, 18783
.   : milestone, 18594,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 19.035 ms [18.843 ms, 19.228 ms] -
appsec 19.649 ms [19.45 ms, 19.848 ms] 613.794 µs (3.2%)
code_origins 18.858 ms [18.668 ms, 19.048 ms] -176.828 µs (-0.9%)
iast 17.686 ms [17.51 ms, 17.862 ms] -1.349 ms (-7.1%)
profiling 18.367 ms [18.184 ms, 18.55 ms] -668.631 µs (-3.5%)
tracing 17.712 ms [17.536 ms, 17.888 ms] -1.323 ms (-7.0%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.147 ms [16.976 ms, 17.319 ms] -
appsec 18.479 ms [18.29 ms, 18.668 ms] 1.331 ms (7.8%)
code_origins 17.762 ms [17.589 ms, 17.935 ms] 614.463 µs (3.6%)
iast 17.9 ms [17.72 ms, 18.08 ms] 752.741 µs (4.4%)
profiling 18.218 ms [18.036 ms, 18.401 ms] 1.071 ms (6.2%)
tracing 18.594 ms [18.404 ms, 18.783 ms] 1.446 ms (8.4%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.269 ms) : 1256, 1282
.   : milestone, 1269,
iast (3.296 ms) : 3249, 3343
.   : milestone, 3296,
iast_FULL (5.971 ms) : 5911, 6030
.   : milestone, 5971,
iast_GLOBAL (3.505 ms) : 3450, 3561
.   : milestone, 3505,
profiling (2.059 ms) : 2041, 2077
.   : milestone, 2059,
tracing (1.832 ms) : 1817, 1846
.   : milestone, 1832,
section candidate
no_agent (1.239 ms) : 1227, 1252
.   : milestone, 1239,
iast (3.221 ms) : 3175, 3266
.   : milestone, 3221,
iast_FULL (5.835 ms) : 5776, 5894
.   : milestone, 5835,
iast_GLOBAL (3.588 ms) : 3529, 3646
.   : milestone, 3588,
profiling (2.434 ms) : 2409, 2459
.   : milestone, 2434,
tracing (1.866 ms) : 1849, 1883
.   : milestone, 1866,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.269 ms [1.256 ms, 1.282 ms] -
iast 3.296 ms [3.249 ms, 3.343 ms] 2.027 ms (159.7%)
iast_FULL 5.971 ms [5.911 ms, 6.03 ms] 4.701 ms (370.4%)
iast_GLOBAL 3.505 ms [3.45 ms, 3.561 ms] 2.236 ms (176.2%)
profiling 2.059 ms [2.041 ms, 2.077 ms] 789.944 µs (62.2%)
tracing 1.832 ms [1.817 ms, 1.846 ms] 562.475 µs (44.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.239 ms [1.227 ms, 1.252 ms] -
iast 3.221 ms [3.175 ms, 3.266 ms] 1.981 ms (159.8%)
iast_FULL 5.835 ms [5.776 ms, 5.894 ms] 4.595 ms (370.8%)
iast_GLOBAL 3.588 ms [3.529 ms, 3.646 ms] 2.348 ms (189.5%)
profiling 2.434 ms [2.409 ms, 2.459 ms] 1.194 ms (96.4%)
tracing 1.866 ms [1.849 ms, 1.883 ms] 626.57 µs (50.6%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-61873-6-akka
git_commit_date 1776899365 1776938234
git_commit_sha 8569434 f3cd892
release_version 1.62.0-SNAPSHOT~8569434beb 1.62.0-SNAPSHOT~f3cd8924cc
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1776940265 1776940265
ci_job_id 1623229083 1623229083
ci_pipeline_id 109250045 109250045
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-1aler1zz 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-1aler1zz 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 2 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.494 ms) : 1483, 1506
.   : milestone, 1494,
appsec (3.784 ms) : 3564, 4003
.   : milestone, 3784,
iast (2.289 ms) : 2218, 2360
.   : milestone, 2289,
iast_GLOBAL (2.338 ms) : 2267, 2409
.   : milestone, 2338,
profiling (2.118 ms) : 2062, 2174
.   : milestone, 2118,
tracing (2.094 ms) : 2040, 2148
.   : milestone, 2094,
section candidate
no_agent (1.49 ms) : 1478, 1502
.   : milestone, 1490,
appsec (3.772 ms) : 3553, 3991
.   : milestone, 3772,
iast (2.304 ms) : 2233, 2375
.   : milestone, 2304,
iast_GLOBAL (2.343 ms) : 2272, 2415
.   : milestone, 2343,
profiling (2.542 ms) : 2328, 2756
.   : milestone, 2542,
tracing (2.095 ms) : 2040, 2149
.   : milestone, 2095,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.494 ms [1.483 ms, 1.506 ms] -
appsec 3.784 ms [3.564 ms, 4.003 ms] 2.289 ms (153.2%)
iast 2.289 ms [2.218 ms, 2.36 ms] 794.537 µs (53.2%)
iast_GLOBAL 2.338 ms [2.267 ms, 2.409 ms] 843.74 µs (56.5%)
profiling 2.118 ms [2.062 ms, 2.174 ms] 623.194 µs (41.7%)
tracing 2.094 ms [2.04 ms, 2.148 ms] 599.714 µs (40.1%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.49 ms [1.478 ms, 1.502 ms] -
appsec 3.772 ms [3.553 ms, 3.991 ms] 2.282 ms (153.2%)
iast 2.304 ms [2.233 ms, 2.375 ms] 814.136 µs (54.6%)
iast_GLOBAL 2.343 ms [2.272 ms, 2.415 ms] 853.349 µs (57.3%)
profiling 2.542 ms [2.328 ms, 2.756 ms] 1.052 ms (70.6%)
tracing 2.095 ms [2.04 ms, 2.149 ms] 604.53 µs (40.6%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.62.0-SNAPSHOT~f3cd8924cc, baseline=1.62.0-SNAPSHOT~8569434beb
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.68 s) : 15680000, 15680000
.   : milestone, 15680000,
appsec (14.643 s) : 14643000, 14643000
.   : milestone, 14643000,
iast (18.497 s) : 18497000, 18497000
.   : milestone, 18497000,
iast_GLOBAL (18.313 s) : 18313000, 18313000
.   : milestone, 18313000,
profiling (14.917 s) : 14917000, 14917000
.   : milestone, 14917000,
tracing (14.619 s) : 14619000, 14619000
.   : milestone, 14619000,
section candidate
no_agent (15.543 s) : 15543000, 15543000
.   : milestone, 15543000,
appsec (14.777 s) : 14777000, 14777000
.   : milestone, 14777000,
iast (18.197 s) : 18197000, 18197000
.   : milestone, 18197000,
iast_GLOBAL (18.142 s) : 18142000, 18142000
.   : milestone, 18142000,
profiling (15.005 s) : 15005000, 15005000
.   : milestone, 15005000,
tracing (15.179 s) : 15179000, 15179000
.   : milestone, 15179000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.68 s [15.68 s, 15.68 s] -
appsec 14.643 s [14.643 s, 14.643 s] -1.037 s (-6.6%)
iast 18.497 s [18.497 s, 18.497 s] 2.817 s (18.0%)
iast_GLOBAL 18.313 s [18.313 s, 18.313 s] 2.633 s (16.8%)
profiling 14.917 s [14.917 s, 14.917 s] -763.0 ms (-4.9%)
tracing 14.619 s [14.619 s, 14.619 s] -1.061 s (-6.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.543 s [15.543 s, 15.543 s] -
appsec 14.777 s [14.777 s, 14.777 s] -766.0 ms (-4.9%)
iast 18.197 s [18.197 s, 18.197 s] 2.654 s (17.1%)
iast_GLOBAL 18.142 s [18.142 s, 18.142 s] 2.599 s (16.7%)
profiling 15.005 s [15.005 s, 15.005 s] -538.0 ms (-3.5%)
tracing 15.179 s [15.179 s, 15.179 s] -364.0 ms (-2.3%)

@jandro996 jandro996 force-pushed the alejandro.gonzalez/APPSEC-61873-6-akka branch from 77765ec to 3ee4e5e Compare April 22, 2026 10:35
@jandro996 jandro996 changed the title Add server.request.body.filenames support for Akka HTTP, Grizzly, and Spring Boot Add server.request.body.filenames AppSec address for Akka HTTP, Jersey, and Grizzly Apr 22, 2026
@jandro996 jandro996 marked this pull request as ready for review April 22, 2026 11:01
@jandro996 jandro996 requested review from a team as code owners April 22, 2026 11:01
@jandro996 jandro996 marked this pull request as draft April 23, 2026 08:15
@jandro996 jandro996 changed the title Add server.request.body.filenames AppSec address for Akka HTTP, Jersey, and Grizzly Add server.request.body.filenames AppSec address for Akka HTTP Apr 23, 2026
@jandro996 jandro996 force-pushed the alejandro.gonzalez/APPSEC-61873-6-akka branch from 3ee4e5e to 2848d37 Compare April 23, 2026 08:52
@jandro996 jandro996 marked this pull request as ready for review April 23, 2026 09:14
@jandro996
Copy link
Copy Markdown
Member Author

jandro996 commented Apr 23, 2026

@codex review

chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Apr 23, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2848d3738a

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread ...tp-10.0/src/main/java/datadog/trace/instrumentation/akkahttp/appsec/UnmarshallerHelpers.java
@jandro996 jandro996 force-pushed the alejandro.gonzalez/APPSEC-61873-6-akka branch from 2848d37 to 8daa014 Compare April 23, 2026 09:57
@jandro996
Copy link
Copy Markdown
Member Author

jandro996 commented Apr 23, 2026

@codex review

@chatgpt-codex-connector
Copy link
Copy Markdown

chatgpt-codex-connector Bot commented Apr 23, 2026

Codex Review: Didn't find any major issues. Can't wait for the next one!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@manuel-alvarez-alvarez manuel-alvarez-alvarez Awaiting requested review from manuel-alvarez-alvarez manuel-alvarez-alvarez is a code owner automatically assigned from DataDog/asm-java

@daniel-romano-DD daniel-romano-DD Awaiting requested review from daniel-romano-DD daniel-romano-DD is a code owner automatically assigned from DataDog/asm-java

@claponcet claponcet Awaiting requested review from claponcet

@ValentinZakharov ValentinZakharov Awaiting requested review from ValentinZakharov

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

comp: asm waf Application Security Management (WAF) type: enhancement Enhancements and improvements

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jandro996